CAJ | 학술논문

　　为了提高云计算中外包数据访问机制的安全性，该文完善了一种基于树的密钥管理方案，原方案适用于数据拥有者-写-用户-读/写的应用场景。针对场景中的恶意用户，新机制引入了可信平台模块(Trusted Platform Module, TPM)，主要解决了原方案在数据访问过程中由会话密钥、数据加/解密密钥以及用户权限的变更产生的问题。此外，也考虑了如何确保用户的真实性和用户计算环境的安全性问题。同时，发现了原方案中的重放攻击和类型缺陷攻击，并提出了修正方案。最后，应用p演算建模并利用验证工具 ProVerif 分析了新机制的安全性。结果表明，新机制增强了原方案的实用性和安全性。
　　위료제고운계산중외포수거방문궤제적안전성，해문완선료일충기우수적밀약관리방안，원방안괄용우수거옹유자-사-용호-독/사적응용장경。침대장경중적악의용호，신궤제인입료가신평태모괴(Trusted Platform Module, TPM)，주요해결료원방안재수거방문과정중유회화밀약、수거가/해밀밀약이급용호권한적변경산생적문제。차외，야고필료여하학보용호적진실성화용호계산배경적안전성문제。동시，발현료원방안중적중방공격화류형결함공격，병제출료수정방안。최후，응용p연산건모병이용험증공구 ProVerif 분석료신궤제적안전성。결과표명，신궤제증강료원방안적실용성화안전성。
To improve the security on accessing outsourced data in cloud computing, the established tree-based key management scheme, which is suitable for the owner-write-users-read/write scenario, is perfected. The new scheme takes full advantage of a hardware chip called Trusted Platform Module (TPM) to deal with malicious users in the scenario. It solves some troubles caused by session keys, other keys for encrypting or decrypting data blocks in the cloud and changes of user access rights. Moreover, these problems, such as ensuring an authentic user and securing his or her computer environment, are also considered. Meantime, the unsafe fact that the original scheme is vulnerable for type and replay attacks is discovered, and the fixed methods are also designed. Finally, the new scheme is modeled using the applied calculus, and the safety of the data access procedure is analyzed using the automated reasoning tool named ProVerif. Results indicate that the scheme extended is more practical and safe than the original.